Sanesecurity ClamAV blog: zero hour malware, phishing and scams: Track Advice Notification: Consignment Australia Post

Wednesday 1 April 2015

Track Advice Notification: Consignment Australia Post

Track Advice Notification: Consignment Australia Post malware....

Headers: (example)

Subject: Track Advice Notification: Consignment RYR7195355
From: "Australia Post" {noreply@auspost.com.au}

Message body (example)

Your parcel (1) has been dispatched with Australia Post.


The courier company was not able to deliver your parcel by your address.


Label is enclosed to the letter.
Print a label and show it at your post office.


Label: RYR7195355


To view/download your label please click here or follow the link below :


https://eparceltrack.auspost.com.au/external/webui/aspx?LabelCode=label_7195355



**Please note that this is an automatically generated email - replies will not be answered.

The above link, actually download a Zip file:

https://www.cubbyusercontent.com/pl/RYR5601763.zip/_33cdead4ebfe45179a32ee175b49c399

Inside the zip, is Windows executable:

RYR5601763.scr

Sha256 Hashes:

7ac09282cc511758e59c72521151071b3feef7824aa25be51cb0e640ed747d98 [1]

Malware Information:

VirusTotal Report [1] (hits 13/57 Virus Scanners)

Malwr Report [1]

Hybrid Analysis Report [1]

Cheers,

Steve
Sanesecurity.com

1 comment:

Anonymous said...: Just got one of these! Thanks for the warning.; 19 May 2015 at 05:26

Sanesecurity ClamAV blog: zero hour malware, phishing and scams

Amazon3

Pages

Amazon

Wednesday 1 April 2015

Track Advice Notification: Consignment Australia Post

1 comment: